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Amcrtdments to the riAimc- 



This listing Of claims wiJ! replace all prior vmions. and lisHngs, of claim, in the application: 
Listing ofrifltm« . 

1 . (Original) A cnmputcrized method for authenticating an electronic transaction 
between a user and a computer, the computer being configured to conduct electronic 
transactions, the method comprising: 

receiving a computer-generated transaction identifier from the computer via an 
electronic data link; 

receiving a user-spoken transaction identifier and a user-spoken verification 
identifier transmitted by the user via a voice connection; 

comparing the user-spoken transaction identifier with the computer transaction 

identiiier; 

comparing the user-spoken verification identifier with a voice print of the user; 

and 

transmitting an audientication message to the computer if the user-spoken 
transaction identifier matches the computer-generated transaction identifier and if the user- 
spoken verification identifier matches the voice print. 

2. (original) The method of claim 1, wherein the computer transaction identifier is 
generated by the computer in response to the electronic transaction conducted between the user 
and the computer. 
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3. (original) TT,e method of claim I, further comprising the stq, of providing the 
user voice print and user payment information prior to the electromc transaction. 



4. (original) n,e method of claim 3. wherein the user voice print is provided by the 
user by providing a spoken telephone number to a voice recognition unit. 

5. (original) The method of claim 3, wherein the user voice print is provided by the 
user by providing a spoken user name to a voice recognition unit. 

6. (original) The method of claim 3. wherein the user payment information includes 
a credit card number and an associated credit card expiration date. 

7. (currently amended) The method of claim 1, wherein the step of receiving a user- 
spoken transaction identifier and the step of receiving a user-spoken verification identifier must 
be are perfoimed withm a predetermined time fh>m completing the electronic transaction. 

8. (original) TTie method of claim 7, wherein the predetermined time is about five 
minutes. 



9. (original) The method of claim 1, wherein the electronic data link includes the 
Internet. 
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10. (original) The method of claim 1, whe«i„ the dectronic data link bcludes a 
private networks 



1 1. (original) The method of claim I. wherein the computer is a system component 

of a financial institution. 



12. (original) The method of claim 1 1. wherein the financial 



institution is a bank. 



13. (original) The method of claim 12, whemin Ihc user conducts the eleccn>nic 
transaction using an ATM machine. 



14. (original) He method of claim 12. wherein the userconducts the electronic 
transaction by communicating with a bank teller. 

15. (original) The method of claim I, wherein the user conducts the electronic 
transaction using a personal computer. 

16. (original) Themethodofclaiml.whereintheuserconductstheelectromc 
transaction using a wireless device. 



1 7. (original) The method of claim I, wherein the user conducts the electronic 
transaction using a hand-held device. 
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18. (original) The method of claiir L wherein the computer is a system component 
of an Internet web-site. 



1 9. (original) The method of claim 18, further comprising: 

receiving at least one user-spoken command for controlling web-site navigation, 
the at least one user-spoken command being transmitted by the user via a telephonic voice 
connection; 

converting the at least one user-spoken command into at least one computer 
readable command; 

transmitting the at least one computer readable command to the computer; and 
executing the at least one computer readable command, using the computer, 

whereby the user controls web-site navigation of the Imerncl web-site by voice command via the 

telephonic voice connection. 

20. (original) The method of claim 19. wherein the user is prompted by a voice menu 
system to respond to voice menu options when transmitting the at least one user-spoken 
command. 

2 1 . (original) The method of claim I , lurtha- comprising: 
providing at least one voice menu option to the user; 

processing at least one user-spoken response to the at least one voice menu 
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option. wh.«by fte « l=a». ™c u»=r.p„k«. ,^0^ fa „ ,^ ^ 

readable response; 

transmitting the at least one computer-readable response to the computer; and 
executing the at least one computer response, using the computer, whereby the 
user controls the computer by voice command. 



22. (original) The method of claim 1. wherein the user-spoken transaction identifier 
and the user-spoken verification identifier are transmitted by a telephomc voice connection. 

23. (original) The method of claim I , wherein the electronic transaction includes an 
on-line purchase of goods or services. 

24. (original) The method of claim 1 , wherein the electronic transaction includes a 
bonking transaction. 

25. (original) The method of claim I , wherein the electronic transaction includes 
downloading music files. 

26. (original) The method of claim 1 . wherein the electronic transaction includes a 
point-of-sale transaction. 

27. (cun-ently amended) A system for authenticating an electronic transaction 
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fciromc IransMiras, tbe systsm comprising: 

. voi« browse, ^dg^^ ^ ^ ^ 

c<»np.„= a us,«p„ken vcriBcdon id«,Hfer «. . voio. prte of tf,e UKer; and 

. =.«.,on „ ^.^^ ^^^^ 

<»ii%in!d lo transmil an authentication 
i<.cnUfi„n,«ch. *c co.p„.„,™sac«o„ i,„«„, and 
identifier matches the voice print. 



message to the computer if the user-spoken tmnsactioa 



28. (o^giual) Thesy.cn,ofclai.27,when.inthevoicebrowserfUnhercot„prises- 
^^°''^^^"°^'^--'^-^'^totheseconduser.perateddevicev^^ 

' / unitbeingconfiguredtoreco^eaudiNetonestr^^^^^ 

network; and 

ada.al«=co„plcd,oa.voicc«co<^ta„ni,4,^^,^.^^^^^ 
«ore,hcv.icprin,of*c.erandpa^.n.in,te.,.i„„,^^.^„i^^.^,^^^, 



29. (»'<S'°»')Thcs,,temofciai.28.«,«™„«,evoicereco^«„.„nit„cognize. 
both spoken input and DTMF input. 



30. (original) The system of claim 28. fiirther 



comprising a telephony interface unit 
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35. (original) The system of claim 27. wherein the voice browser includes at least 
one software module resident in a computer diq,osed in a network data center. 

36. (original) The system of claim 27. wherein the voice browser includes at least 
one software module resident in a computer disposed in a customer premise equipment. 

37. (original) Ihe system of claim 27. wherein the voice browser includes at least 
one software module resident in a computer disposed in an intranet. 

38. (original) The system of claim 27, wheiein the session correlator includes at least 
one software module resident in an Internet backbone. 

39. (original) The system of claim 27. wherein the session correlator includes at least 
one software module resident in a telecommunications switch. 

40. (original) The system of claim 27, wherein the session correlator includes at least 
one software module resident in a computer disposed in a network data center. 

4 1 . (original) The system of claim 27, wherein the session correlator includes at least 
one software module resident in a computer disposed in a customer premise equipment. 

42. (original) The system of claim 27. wherein the session correlator includes at least 
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o.e softmre moOule ,«idi»t ta . co»vuIer disp^cd j. 



operated device mcludes a microphone, 
operated device includes a telephone set. 



45. (original) System of claixn 44, whe^in the telephone set is a wireless 
telephone. 



46. (c^y.n«^) c'"™ 45. »h»«„ ,he wi«l«„cl.p,„„e fa 

configured to ([ibJ] 5,56 a wireless access protocol. 



47. (origi^l, rh. system of clai™ 27, wherein the computer transaction identifier U 
ge.cn.ted by the computer in response h> the eleet^nic transacto. conducted between the user 

and the computer. 



48. (original) TT.^ system of claim 27, wherein the electxx,nic data link includes the 

internet. 



49. (original) The .ystem of clni™ 27. wherein the electronic data link includes a 
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private network. 

50. (original) The system of claim 27, wherein the computer is a system component 
of a financial institution. 

5 1 . (original) The system of claim 50, wherein the financial institution is a bank. 

52. (original) The system of claim 51, wherein the first user*operated device includes 
an ATM machine. 

53. (original) The system of claim 51, wherein the user conducts the electronic 
transaction by communicating with a bank teller. 

54. (original) The system of claim 27, wherein the first user-operated device includes 
a personal computer. 

55. (original) The system of claim 27, wherein the first user-operated device includes 
a wireless device. 

56. (original) The system of claim 27, wherein the first user-operated device includes 
a hand-held device. 
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57. (original) The system of claim 27, wherein the computer is a system component 
of an Internet web-site. 



58. (original) The system of claim 27, further comprising: 

a user authentication input unit coupled to the first user-operated device and the 
session correlator, the user authentication unit being configured to accept a user name and a user 
password from the user; 

a database coupled to the user authentication input unit, the database being 
configured to store an authentic user name and an authentic user password; and 

a user authcnticator coupled to the user authentication input unit, the database, 
and the session correlator, the user authcnticator being programmed to compare ±e user name to 
Oie authentic user name, and to compare the user password to the authentic user password, 
whereby the user authcnticator provides the session correlator with a transaction denial message 
if the user name does not match the authentic user name, or the user password does not match the 
authentic user password. 

59. (original) The system of claim 27, wherein the electronic transaction includes an 
on-line purcha<;e of goods or services. 

60. (original) The system of claim 27, wherein the electronic transaction includes a 
banking traiisaction. 
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61 • (original) The system of claim 27, wherein the clectroxiic transaction includes 
downloading music files. 

62. (original) The system of claim 27, wherein Che electronic transaction includes a 
point-of-sale transaction* 

63. (original) A computerized voice verification method for authenticating an 
electronic transaction between a user and a computer, the computer being configured to conduct 
electronic transactions, the method comprising: 

enrolling the user in a voice verification system, whereby tiie user provides the 
system with a user voice print; 

performing the electronic transaction; 

receiving a transaction identifier from the computer via an electronic data link in 
response to performing the electronic transaction; 

receiving a user-spoken transaction identifier and a user-spoken verification 
identifier transmitted by the user via a voice connection; 

comparing the user-spoken transaction identifier witii the computer transaction 
identifier and the user-spoken verification identifier with a voice print of the user; and 

transmitting an authentication message to the computer if the user-spoken 
transaction identifier matches the computer transaction identifier, and if the user-spoken 
verification identifier matches the voice print 

-13- 
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64. (original) The method of claim 63, wherein a transaction denied message is 
transmitted to the computer if the user-spoken transaction identifier does not match the computer 
transaction identifier, or if the user-spoken verification identifier does not match the voice print. 

65. (original) A computeri2ed method for controlling web-site navigation, the 
method comprising: 

providing an authentication system including a voice recognition unit aiKl a 
session correlator, the voice recognition unit having access to a pre-registered voice print of the 
user, whereby the authentication system is coupled to a user computer and a web-site during the 
computerized method; 

conducting a transaction between tfac user computer and the web-site, the web-sitc 
transmitting a transaction identifier to the user computer and the authentication system in 
response to the transaction; 

receiving a user-spoken transaction identifier and a uscivspokcn verification 
identifier via a telephonic coimection, the authentication system being programmed to compare 
the user-spQken transaction identifier to the transaction identifier and the user-spoken 
verification identifier to the prc-registered voice print; 

transmitting an auAentication message to the web-site if the user-spoken 
transaction identifier matches the transaction identifier and if the user-spoken verification 
identifier matches the voice print; 

receiving at least one user-spoken command for controlling web-site navigation, 
the authentication system being programmed to convert the at least one user-spoken command 
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into at least one computer-readable command; and 

transmitting the at least one computer-readable command to the web-site, the at 
least one computer-readable command being executed by the web-site, whereby the user controls 
web-sitc navigation of the web-site by the at least one user-spoken conunand. 

66- (original) The method of claim 65, wherein the at least one user-spoken 
command includes a plurality of user-spoken commands. 

67. (original) The method of claim 65, wherein the plurality of user-spoken 
commands are transmitted by the user in response to a plurality of voice menu options provided 
by the authentication unit. 

68. (original) The method of claim 65, wherein a web navigation is denied message 
is transmitted to the computer if the user-spoken transaction identifier does not match the 
computer transaction identifier, or if the user-spoken verification identifier does not match the 
voice print. 
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In accordance with the invention, the present invention includes a method and system 
for authenticating an electronic transaction between a first user-operated device, such as a 
personal computer, and a commercial institution computer, such as a web-site, configured to 
conduct electronic transactions. The system includes a voice browser coupled to a second 
5 user-operated device, such as a telephone set. The voice browser is configured to receive 
and process user-spoken information fi"om the second user operated device, whereby a 
user-spoken transaction identifier is compared to a transaction identifier, and a user-spoken 
verification identifier is compared to a voice print of the user. A session correlator is 
coupled to the voice browser. The session correlator is configured to transmit an 
!y 10 authentication message to the computer if the user-spoken transaction identifier matches the 
G computer transaction identifier and if the user-spoken verification identifier matches the 

□ voice print. 

■ ^ The system and method of the present invention provides secure authentication and 

in 

verification of user provided data during the course of an electronic transaction. The system 

ly 

□ 15 and method of the present invention substantially eliminates the fi^audulent usage of debit 

\^ 

and credit cards during electronic transactions. The system and method of the present 
invention is effective in providing security during on-line transactions, ATM transactions, 
and point-of-sale (POS) transactions. The system and method of the present invention also 
provides the user with a "hands-firee" way of navigating the web using a full-duplex voice 
20 communications medium (wire line telephone, wireless telephone, radio, and etc.). 

As embodied herein, and depicted in Figure 1, a block diagram of the authentication 
system in accordance with a first embodiment of the present invention is disclosed. 
Authentication system 10 includes voice browser 20 and session correlator 30. Voice 
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br owser 20 includes telephony interface 200 connected to telephone network 12 and 
computer 202. Computer 202 is coupled to voice print database 204, voice menu option 
library 206, speech synthesizer 208, and speech recognition imit 210. Session correlator 30 
includes computer 300, server 302, and session correlator software 304. In the example 
shown in Figure 1, voice browser 20 and session correlator 30 are network resources 
disposed anywhere in the network backbone. One of ordinary skill in the pertinent art will 
recognize that browser 20 and correlator 30 may be co-located in a network data center. In 
that embodiment, computer 202 and computer 300 may well be embodied in one computer. 
It will be apparent to those of ordinary skill in the pertinent art that modifications and 



10 variations can be made to telephone interface 200 of the present invention depending on 
network 12. For example, if interface 200 is connected to a T-1 line, interface 200 must 
13 accommodate a bandwidth of about 1.5 Mb/s and 24 64 kb/s voice grade channels. In 
another embodiment, interface 200 is connected to several T-1 lines. In yet another 
embodiment, interface 200 is connected to a T-3 line. In this embodiment, interface 200 



m 

■ SI ' 

iU 

□ 1 5 must accommodate a bandwidth of approximately 45 mb/s and about 672 64 kb/s voice 



grade channels. In another embodiment, the telephone network is a wireless network, in 
which case interface 200 must be configured to transmit and receive RF signals, and 
programmed to accommodate wireless access protocol (WAP). In another embodiment, the 
telephone network is an I/P network and interface 200 must accommodate a voice-over-I/P 
20 protocol such the session initiation protocol (SIP). 

It will be apparent to those of ordinary skill in the pertinent art that modifications and 
variations can be made to server 302 depending on system component choices. One of 
ordinary skill in the art will recognize that Internet 14 includes physical devices such as 
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